Victor K. Wei

Generalized Hamming weights for linear codes

Motivated by cryptographical applications, the algebraic structure, of linear codes from a new perspective is studied. By viewing the minimum Hamming weight as a certain minimum property of one-dimensional subcodes, a generalized notion of higher-dimensional Hamming weights is obtained. These weights characterize the code performance on the wire-tap channel of type II. Basic properties of generalized weights are derived, the values of these weights for well-known classes of codes are determined, and lower bounds on code parameters are obtained. Several open problems are also listed. >

A locally adaptive data compression scheme

A data compression scheme that exploits locality of reference, such as occurs when words are used frequently over short intervals and then fall into long periods of disuse, is described. The scheme is based on a simple heuristic for self-organizing sequential search and on variable-length encodings of integers. We prove that it never performs much worse than Huffman coding and can perform substantially better; experiments on real files show that its performance is usually quite close to that of Huffman coding. Our scheme has many implementation advantages: it is simple, allows fast encoding and decoding, and requires only one pass over the data to be compressed (static Huffman coding takes two passes).

Algebraic-geometry codes

The theory of error-correcting codes derived from curves in an algebraic geometry was initiated by the work of Goppa as generalizations of Bose-Chaudhuri-Hocquenghem (BCH), Reed-Solomon (RS), and Goppa codes. The development of the theory has received intense consideration since that time and the purpose of the paper is to review this work. Elements of the theory of algebraic curves, at a level sufficient to understand the code constructions and decoding algorithms, are introduced. Code constructions from particular classes of curves, including the Klein quartic, elliptic, and hyperelliptic curves, and Hermitian curves, are presented. Decoding algorithms for these classes of codes, and others, are considered. The construction of classes of asymptotically good codes using modular curves is also discussed.

Using simulated annealing to design good codes

Simulated annealing is a computational heuristic for obtaining approximate solutions to combinatorial optimization problems. It is used to construct good source codes, error-correcting codes, and spherical codes. For certain sets of parameters codes that are better than any other known in the literature are found.

Linkable Spontaneous Anonymous Group Signature for Ad Hoc Groups

We present a linkable spontaneously anonymous group (LSAG) signature scheme (alternatively known as linkable ring signature scheme) satisfying the following three properties. (1) Anonymity, or signer indistinguishability. (2) Linkability: That two signatures by the same signer can be linked. (3) Spontaneity: No group secret, therefore no group manager or group secret sharing setup. We reduce the security of our scheme to well-known problems under the random oracle model. Using the scheme, we construct a new efficient one-round e-voting system which does not have a registration phase. We also present a new efficient reduction of famous rewind simulation lemma which only relies on elementary probability theory. Threshold extensions of our scheme are also presented.

Short linkable ring signatures for e-voting, e-cash and attestation

A ring signature scheme can be viewed as a group signature scheme with no anonymity revocation and with simple group setup. A linkable ring signature (LRS) scheme additionally allows anyone to determine if two ring signatures have been signed by the same group member. Recently, Dodis et al. [18] gave a short (constant-sized) ring signature scheme. We extend it to the first short LRS scheme, and reduce its security to a new hardness assumption, the Link Decisional RSA (LD-RSA) Assumption. We also extend [18]s other schemes to a generic LRS scheme and a generic linkable group signature scheme. We discuss three applications of our schemes. Kiayias and Yung [22] constructed the first e-voting scheme which simultaneously achieves efficient tallying, public verifiability, and write-in capability for a typical voter distribution under which only a small portion writes in. We construct an e-voting scheme based on our short LRS scheme which achieves the same even for all worst-case voter distribution. Direct Anonymous Attestation (DAA) [6] is essentially a ring signature scheme with certain linking properties that can be naturally implemented using LRS schemes. The construction of an offline anonymous e-cash scheme using LRS schemes is also discussed.

Separable linkable threshold ring signatures

A ring signature scheme is a group signature scheme with no group manager to setup a group or revoke a signer. A linkable ring signature, introduced by Liu, et al. [20], additionally allows anyone to determine if two ring signatures are signed by the same group member (a.k.a. they are linked). In this paper, we present the first separable linkable ring signature scheme, which also supports an efficient thresholding option. We also present the security model and reduce the security of our scheme to well-known hardness assumptions. In particular, we introduce the security notions of accusatory linkability and non-slanderability to linkable ring signatures. Our scheme supports “event-oriented” linking. Applications to such linking criterion is discussed.

On the generalized Hamming weights of product codes

The rth generalized Hamming weight of a linear code is the minimum support size of any r-dimensional subcode. It has been found useful in the studies of cryptography and trellis coding. The authors derive several results on expressing the generalized Hamming weights of a product code in terms of those of its component codes. They also formulate a general conjecture. >

The redundancy of source coding with a fidelity criterion. 1. Known statistics

The problem of redundancy of source coding with respect to a fidelity criterion is considered. For any fixed rate R>0 and any memoryless source with finite source and reproduction alphabets and a common distribution p, the nth-order distortion redundancy D/sub n/(R) of fixed-rate coding is defined as the minimum of the difference between the expected distortion per symbol of any block code with length n and rate R and the distortion rate function d(p,R) of the source p. It is demonstrated that for sufficiently large n, D/sub n/(R) is equal to -(/spl part///spl part/R)d(p,R) ln n/2n+o(ln n/n), where (/spl part///spl part/R)d(p,R) is the partial derivative of d(p,R) evaluated at R and assumed to exist. For any fixed distortion level d>0 and any memoryless source p, the nth-order rate redundancy R/sub n/(d) of coding at fixed distortion level d (or by using d-semifaithful codes) is defined as the minimum of the difference between the expected rate per symbol of any d-semifaithful code of length n and the rate-distortion function R(p,d) of p evaluated at d. It is proved that for sufficiently large n, R/sub n/(d) is upper-bounded by ln n/n+o(ln n/n) and lower-bounded by In n/2n+o(In n/n). As a by-product, the lower bound of R/sub n/(d) derived in this paper gives a positive answer to a conjecture proposed by Yu and Speed (1993).

A strong proxy signature scheme with proxy signer privacy protection

Mambo et al. (1996) discussed the delegation of signature power to a proxy signer. Lee et al. (2001) constructed a strong non-designated proxy signature scheme in which the proxy signer had strong non-repudiation. In this paper, we present an enhancement to their scheme such that the identity of the proxy signer is hidden behind an alias. The identity can be revealed only by the alias authority. We also discuss other applications of this technique.